Fake Antivirus

Journey from Trojan to Persistent Threat

Fake antivirus (FakeAV) is one of the largest families of malware that we have seen in recent times. FakeAV has grown over the years to be a persistent and prevalent threat. In this paper, we study the evolution of FakeAV over the last three-and-a-half years. We analyze the major FakeAV events, infection vectors and some important anti-emulation/anti-reverse engineering (RE) tricks used by FakeAV packers. We also analyze how exploit kits are used to infect users with FakeAV and study how a polymorphic packer found in underground internet forums is used to encrypt and compress the malware binary.

ダウンロード: Fake Antivirus: Journey from Trojan to a Persistent Threat

In this paper, we study the evolution of FakeAV over the last three-and-a-half years. We analyze the major FakeAV events, infection vectors and some important anti-emulation/anti-reverse engineering (RE) tricks used by FakeAV packers. 今すぐダウンロードする

By Jagadeesh Chandraiah, Researcher, SophosLabs UK

download 無償評価版の試用
無償評価版のダウンロード

お客様の評価

"ソフォス製品は、時間、リソース、コストの節約を可能にしました"
Sam Ghelfi、Raymond James

詳細情報

アワードとレビュー

Awards